
Stuart Robinson's Journey up the Cisco Ladder

CEF - Cisco Express Forwarding
-Routers and Layer 3 switches both have IOS routing software.
-Software Routing is slow compared to ASICs
L3 switching can use a software and hardware method to move data.
FIB - Forwarding Information Base - Caches Routing Information from the Router supervisor
ADJ Table "routes" (forwards) frames out a port based on MAC address information.
ASIC is a name for a switch's hardware.
CEF takes L3 routing information and caches it to the FIB.
As the switch is booting up, it will look for all the next hop addresses in the routing table
and pull the MAC addresses for those addresses.
This information is then sent to the adjacency table with all the necessary ARP information.
CEF only tracks routed ports (or interface vlans)
Exceptions to CEF:
Packets with Header options
Packets with TTL expired
Packets destined to use tunnel interfaces
Packets with unsupported encapsulations
Packets requiring fragmentation (MTU Exceeded)
----------------------------------------
to turn on CEF:
switch(config)#ip cef
CEF has a feature to watch all traffic statistics.
Will only work for routed interface vlans
show ip cef vlan 200:
shows what ips have been learned by CEF in vlan 200.
ex output:
switch#show ip cef vlan 151
192.168.0.0/24
attached to Vlan151
The 192.168.0.0/24 was learned on vlan 151
switch#show ip cef 192.168.0.25
192.168.0.25/32
receive
show ip arp x.x.x.x
shows arp information for the specified IP address, and what interface it was learned on.

Etherchannel - Aggregation of redundant links
Etherchannel takes bundles of redundant links (up to 8 links) and pools the bandwidth into one logical link and load balances all
traffic across those physical links.
Etherchannel has automatic failover as well.
Port Aggregation Protocol (PAGP) -
Cisco's proprietary etherchannel negotiation protocol.
Port modes:
.Auto - Will only negotiate an etherchannel with the switch on the other end of the link if other end negotiates it.
.Desirable - Will actively attempt to negotiate an etherchannel port with the other end of the link,
usually to break the ice in the auto state on the switch on the other end of the link.
.On - Hard coding a port to negotiate an etherchannel.
Link Aggregation Control Protocol (LACP)
Industry standard, declared 802.3AD by IEEE
Port modes:
.Passive - same as auto
.Active - same as desirable
.On - same as cisco "on"
------------------------------------------------------------------------------------------------------------------
Layer 2 Etherchannel
Acts as a normal layer 2 switched bundle of links.
Layer 3 Ether Channel
Turns the Layer 2 Etherchannel into a Port Channel that has routing capabilities.
------------------------------------------------------------------------------------------------------------------
Same config needs to take place on both ends of the link. In order for the etherchannel to be up, the other side needs to be configured.
With no configuration on the other side, ports with active or passive config will just return to being normal switching ports.
Switch(config)#interface range fast 0/23 - 24 - select the ports to create the etherchannel
Switch(config-if-range)#channel-protocol <LACP> <PAGP> - select the protocol
Switch(config-if-range)#channel-group <1-64> - assign the etherchannels a group number
Switch(config-if-range)#channel-group <1-64> <mode [passive/auto][active/desirable][on]>
Will create a new interface called Port-Channel <1-64>. Configuration for L2 etherchannel.
Layer 3 Etherchannel:
(assume port-channel 1 was created out of fast 0/23 and 0/24)
Turn channel group 1 off first:
Switch(config)#interface range fast 0/23 - 24 - selected ports
Switch(config-if-range)#no channel-group 1
Switch(config-if-range)#exit - leave interface range configuration
Switch(config)#interface port-channel 1
Switch(config-if)#no switchport - to remove switching capabilities from this port, and gain routed capabilities
Switch(config-if)#ip address 192.168.1.1 255.255.255.252 - add an ip address to the port channel
Switch(config-if)#interface range fast 0/23 - 24
Switch(config-if-range)#channel-group 1 mode desirable - to create the channel group and place into desirable negotiation mode.

Yes, I’m finally back with more notes that I have been accumulating. I will be posting my notes from time to time, making changes to them over time. Don’t take these notes as a learning source! They’re notes! And most of the time they aren’t even complete!

HSRP, VRRP, GLBP [Not Complete]
==================
HSRP - Hot StandBy Router Protocol
-Created by Cisco, 1994 Proprietary
-Uses a default hello timer of 3 seconds with a hold of 10
.Gateways organized into standby groups
.One gateway active, others in standby
.Virtual router IP and MAC address generated
.Hello/3s , Dead/10s
Both gateways will have their own IPs, but the standby group will have one IP address assigned to it, and it will generate a virtual MAC address.
Virtual MAC address is generated according to ID's:
0000.0c07.acxx
===================|===========|=====================|
[0000.0C]          |[07.AC]    |[xx]                 |
Cisco Vendor ID    |HSRP ID    |Standby Group Number |
===================|===========|=====================|
Clients will use that standby group IP address as their default gateway address. This means nothing on the client end of the connection needs to change if one gateway fails.
Gateways will send an ARP message to any downstream switches to have traffic redirected in the right path.
==================
VRRP - Virtual Router Redundancy Protocol
-Created by IETF, 1999
-Open Standard, not proprietary
-Has faster timers than HSRP - Hello 1 seconds, Hold Time 3 seconds
Skew Timer - a timer that starts after a hello is missed + the hold time.
Uses Master and Backup
Standby Group is called the VRRP Group
Master Router can share virtual IP
If a master sees one of its tracked interfaces go down it will automatically set its priority to 0.
==================
GLBP - Gateway Load Balancing Protocol
-Created by Cisco, 2005 Proprietary
-Identical to HSRP but allows active/active connection that enables load balancing.
-GLBP uses 224.0.0.102:3222 as the multicast IP to send/listen for hello packets
-GLBP elects one AVG for each group.
GLBP will use a single IP with Multiple MAC addresses.
Can use Equal or Unequal load balancing.
GLBP will have one single Active Virtual Gateway - Manages the MAC address pools, knows about all other virtual MACs and which ones are assigned to backup routers.
It will respond to ARP requests but will respond with its Virtual MAC or another router's virtual MAC depending on how load balancing is configured.
Other routers in a GLBP domain will be labeled as Active Virtual Forwarders.
==================
To Setup HSRP:
Create a Standby Group
Select a Primary and a Standby Device.
(Make sure you have a link between the two switches/routers)
Go into the chosen int vlan:
switch(config)#int vlan 25
switch(config-if)#standby 1 ip 10.1.1.1
(ip is the virtual IP)
switch(config-if)#standby 1 priority 150
routers will have a default of 100.
Higher priority # = higher priority. Higher # will make the switch/router the active router.
Do this same configuration on the other switch/router, but with a lower priority.
show standby - will show standby group statistics
Preemption - When a higher priority router comes back online or is reconverged to a standby group, it tells the other router it will take over as the primary.
Sometimes not a good idea because flapping links/unstable primary (i.e. constant reboots, or hardware failure) will cause outage from deactivating the standby switch/router constantly.
switch(config)#int vlan 25
switch(config-if)#standby 1 preempt (overthrow lower priority designated routers)
Tracking - if a WAN link on the active router fails, it will automatically decrease its priority number in order to force standby into active. Preempt must be configured.
switch(config-if)#standby 1 track fastEthernet 0/24 50 (reduce priority by 50)
You can set preempt delay using the <minimum> switch
switch(config-if)#standby 1 preempt delay minimum 90 (wait 90 seconds)
Change timers:
switch(config-if)#standby 1 timers (hello) (dead)
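The virtual MAC layout and the priority, preempt and tracking behaviour from the HSRP notes above, modelled in Python as an added example (not part of the original notes and not Cisco code). Router names and priority values are constructed, and tie-breaking between equal priorities is not modelled.

```python
from dataclasses import dataclass

def hsrp_virtual_mac(group: int) -> str:
    """0000.0c07.acXX: Cisco vendor ID, HSRP ID, then the group number in hex."""
    if not 0 <= group <= 255:
        raise ValueError("group number must fit in the final byte")
    return f"0000.0c07.ac{group:02x}"

@dataclass
class Router:
    name: str
    priority: int = 100        # default when 'standby 1 priority' is not set
    preempt: bool = False      # 'standby 1 preempt'
    track_decrement: int = 0   # 'standby 1 track <interface> <decrement>'
    tracked_up: bool = True    # state of the tracked interface
    alive: bool = True         # False = hellos stopped, hold timer expired

    def effective_priority(self) -> int:
        if self.tracked_up:
            return self.priority
        return self.priority - self.track_decrement

def next_active(active: Router, standby: Router) -> Router:
    """Return the router that is active after the current state settles."""
    if not active.alive:
        return standby  # a dead active is replaced whether or not preempt is set
    if standby.preempt and standby.effective_priority() > active.effective_priority():
        return standby  # preempt lets a strictly higher priority take over
    return active       # otherwise the current active keeps the role

if __name__ == "__main__":
    a = Router("A", priority=150, preempt=True, track_decrement=50)
    b = Router("B", priority=110, preempt=True)
    print(hsrp_virtual_mac(1), next_active(a, b).name)
    a.tracked_up = False
    print("tracked link down:", next_active(a, b).name)
    b.preempt = False
    print("same, B without preempt:", next_active(a, b).name)
```

The third case is the one tracking depends on: the active router has lowered its own priority but is still sending hellos, so a standby without preempt never takes over.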
======================
To Setup VRRP:
Configure VRRP Group
switch(config)#int g0/24
switch(config-if)#vrrp 10 ip 192.168.1.1
switch(config-if)#vrrp 10 timers advertise (this will advertise to the other backup the hello timer)
no dead time is set because dead time is default x3 the hello timer.
Other switch/router will have a similar configuration
======================
To Configure GLBP:
switch(config)#int g0/24
switch(config-if)#glbp 1 ip 192.168.1.1 (1 is the group number)
switch(config-if)#glbp 1 priority 1-255 (this will elect the AVG, everything else will be the AVF)
switch(config-if)#glbp 1 timers
switch(config-if)#glbp 1 load-balancing (by default uses round-robin method)
host-dependent - load balance equally, source mac determines forwarder choice
weighted - load balance in proportion to forwarder weighting - 1 - 254 / track

So, I know I posted hardly anything for my NA studies except for some notes. However, I’m going to take a small break from my studies, for a short while, and move onto my NP. Once I’m doing NP, I’ll be adding more and more to 3rd Layer. For now, I just have a little bit of notes.

128 bit
8 octets
each octet = 16 bits
Example:
2001:0050:0000:0000:0000:0AB4:1E2B:98AA
Zero compression:
2001:0050::0AB4:1E2B:98AA
Leading Zero:
2001:50::AB4:1E2B:98AA
-------------------------------------------------------------------------------------------------------------
Unicast: One to One
Multicast: One to Many
Anycast: One to Closest
To provide easier v4 to v6 transition:
Dual Stack Routers - Routers that run both 4 and 6 at the same time. v4 clients can still use v4 internet, but also v6, and v6 to v6 and v4. ISPs will be able to translate your v4 to v6 and v6 to v4.
Tunneling 6to4 and 4to6 - if you're connecting to v6 internet with v4 host and are trying to connect to a remote v4, a 6to4 will tunnel v4 through v6 back to v4. Vice versa for 6
NAT-PT - Will NAT v6 to v4 and NAT v4 to V6 on the internet:
internal v4 can be NAT out to a v6 and vice versa
x.x.x.x:1234 -> nat -> x:x:x:x::x:1234
-------------------------------------------------------------------------------------------------------------
Link local scope address: Layer 2 domain
----------------------------------------------
Assigned automatically as an IPv6 host comes online.
Like a 169.254.*.* ipv4 self assigned.
However this will be assigned by a host anyway.
Will start with FE80 (1111 1110 10) followed by 54 bits of zeros (this makes the first part of the 64 bit ipv6 address)
Last 64 bits is the 48-bit MAC address with FFFE in the middle.
This address is the equivalent to an IPv4 internal address used to communicate with another host in a broadcast domain.
Unique / (Site) Local Scope Address: Organization (RFC4193) Site (RFC 3513)
----------------------------------------------
Used within Enterprise networks to ID the boundaries of their networks.
Starts with FC00::/7 1111 110(l) - 1 = Locally Assigned | 0 = Future Use
1111 110(l) - (40bit)Global ID [everyone in your organization will use this] - (16bit)subnet ID[vlans/wanlinks/etc] - (64bit)Interface ID[spliced into mac address/from dhcpv6/etc]
Global Scope Address: Internet (or internet 2) These are your public addresses (internet ip addresses)
----------------------------------------------
starts with 2000::/3 (001)
Global Routing Prefix is 48bits or less
Subnet ID is composed of whatever bits are left over after global routing prefix
The Primary addresses expected to compose the IPv6 internet are from the 2001::/16 subnet
Global routing prefix starts with 2xxx+48 - 64-n bits [subnet id] - last 64 is interface
example: WAN interface 2001:210:10:1::1/64 would ptp with 2001:210:10:1::2/64
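The address scopes, the FFFE interface ID and the unique-local field layout from the notes above, worked through in Python as an added example (not part of the original notes). The MAC address and the fd12:... address used with it are constructed sample values.

```python
import ipaddress

SCOPES = (  # prefixes as given in the notes
    ("link-local", ipaddress.IPv6Network("fe80::/10")),
    ("unique-local", ipaddress.IPv6Network("fc00::/7")),
    ("global", ipaddress.IPv6Network("2000::/3")),
)

def scope(addr: str) -> str:
    ip = ipaddress.IPv6Address(addr)
    for name, net in SCOPES:
        if ip in net:
            return name
    return "other"

def link_local_from_mac(mac: str) -> str:
    """FE80 + 54 zero bits + MAC with FFFE in the middle (modified EUI-64)."""
    raw = bytes.fromhex(mac.replace(":", "").replace(".", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    iid = bytearray(raw[:3] + b"\xff\xfe" + raw[3:])
    iid[0] ^= 0x02  # not in the notes: RFC 4291 also flips the universal/local bit
    return str(ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + bytes(iid)))

def ula_fields(addr: str) -> dict:
    """Split an FC00::/7 address into L bit, global ID, subnet ID, interface ID."""
    if scope(addr) != "unique-local":
        raise ValueError("not in fc00::/7")
    n = int(ipaddress.IPv6Address(addr))
    return {
        "l_bit": (n >> 120) & 1,
        "global_id": f"{(n >> 80) & (2**40 - 1):010x}",
        "subnet_id": f"{(n >> 64) & 0xFFFF:04x}",
        "interface_id": f"{n & (2**64 - 1):016x}",
    }

def compress(addr: str) -> str:
    """Zero compression plus leading-zero removal in one step."""
    return ipaddress.IPv6Address(addr).compressed

if __name__ == "__main__":
    print(compress("2001:0050:0000:0000:0000:0AB4:1E2B:98AA"))
    print(link_local_from_mac("00:1a:2b:3c:4d:5e"))   # constructed MAC
    print(scope("2001:210:10:1::1"), ula_fields("fd12:3456:789a:1::1"))
```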
-------------------------------------------------------------------------------------------------------------
router(config)#ipv6 unicast-routing - turns on ipv6 routing
router(config-if)#ipv6 address x:x:x:x::x/(0-128) - assign an interface an ipv6 address.
router#ping ipv6 x:x:x:x::x - version 6 of ping
router(config)#ipv6 router rip 1 - turns on RIPng for ipv6 - after this, you don't even need to add network statements. (1 is just a process ID)
router(config-if)#ipv6 rip 1 enable - turns RIPng on the interface
----------------------------------------------
IPv6 Routing Protocols:
RIPng (rip next gen)
OSPFv3
IS-IS for IPv6
EIGRP for IPv6
MP-BGP4

PVC Status Messages-
Active - Working
Inactive - remote problem - problem on the other side
Deleted - Local problem (problem on the immediate device)
\\\\\
Three types of LMI:
Cisco - default, proprietary
ANSI
Q933A
LMI Autosense is used from the DTE side to determine the LMI type coming from the frame-relay provider. It sends out the three LMI messages and sets the LMI type based on what it receives back. 3 LMIs not received is the default for a time out and connection to be considered down.
router#show frame LMI - shows what type of LMI is being used, how many enq. have been sent and received.
\\\\\
DLCI - Data Link Connection Identifier. Frame Relay's Layer 2 address. Locally Significant only. Not advertised to other routers.
Assigned by the frame relay provider.
iARP - Inverse ARP - Dynamic Mapping - Router's service to discover the FR circuit dynamically and create frame-map statements.
Enabled by default.
Frame map statements: Always map the local DLCI to the remote IP address.
commands:
router(config-if)#encapsulation frame-relay - to turn frame relay on an interface. (Cisco or ietf are your encapsulation options.)
router#show frame map - show frame relay map statements created statically or via iARP
router(config-if)#no frame-relay inverse-arp - turn off iARP (disable dynamic mapping)
router(config-if)#frame map ip x.x.x.x(remote router) xxx(local dlci) broadcast(to send out routing updates for routing protocols since FR is an NBMA network)
Split Horizon - Rule that routes learned on an interface are not to be sent out that same interface. Split Horizon is a routing loop prevention rule. Problem in frame-relay using point to point connections.
router(config-if)#no ip split-horizon - turns off the split horizon rule.
Point to Multipoint is a way to prevent this. This is done by creating logical subinterfaces off a physical interface.
router(config)#interface serial 0/0.### specify point to point or multipoint.
Congestion notification values:
FECN - Forward Explicit Congestion Notification
BECN - Backward Explicit Congestion Notification
DE - Discard Eligible
router#show frame pvc - will show you pvc interfaces, will display in/out FECN and BECN values